[Dnssec-trigger] uk.uk. failing probes
wouter at nlnetlabs.nl
Tue Jan 23 11:28:48 UTC 2018
On 23/01/18 12:17, Petr Menšík wrote:
> I just tried new 0.15 dnssec-trigger. Once again there is problem with
> domain chosen to make probes.
> $ dig @dns2.nic.uk. +norec +dnssec -t SOA uk.uk.
> returns NXDOMAIN.
Yes, that is why it is there. To get an NSEC3 response.
> For that reason, gen_random_nsec3_dest probe "_probe.uk.uk." will always
> fail if chosen. Manual dnssec-trigger-control reprobe might be required.
No, it works to get an NSEC3 response.
> My question is same as the last time. How were that domains chosen?
> I found it cannot be even registered again:
That is a good reason to have picked it; i.e. no registerable domain to
elicit NXDOMAIN responses.
> Have been domain owners asked it is ok to use their domains?
No, but if they wouldn't like it, we would of course pick some other
Best regards, Wouter
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the dnssec-trigger